From 0ef94d85e58497dcb2c4c954cadcac918032467a Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Thu, 18 Feb 2021 21:07:01 +0100
Subject: Add %-specifiers support.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

lacme(8): for --config=, --socket=, --config-certs= (and ‘socket’/
‘config-certs’/‘challenge-directory’ configuration options *before*
privilege drop; and for the [accountd] section ‘command’/‘config’
configuration options *after* privilege drop).

lacme-accountd(1): for --config=, --socket= and --privkey= (and
‘socket’/‘privkey’ configuration options).

This also changes the default configuration file location.  lacme(8) and
lacme-accountd(1) now respectively use /etc/lacme/lacme.conf resp.
/etc/lacme/lacme-accountd.conf when running as root, and
$XDG_CONFIG_HOME/lacme/lacme.conf resp. $XDG_CONFIG_HOME/lacme/lacme-accountd.conf
when running as a normal user.  There is no fallback to /etc anymore.
---
 config/lacme-accountd.conf | 4 +---
 config/lacme.conf          | 4 +---
 2 files changed, 2 insertions(+), 6 deletions(-)

(limited to 'config')

diff --git a/config/lacme-accountd.conf b/config/lacme-accountd.conf
index 10f332e..f31cf67 100644
--- a/config/lacme-accountd.conf
+++ b/config/lacme-accountd.conf
@@ -17,10 +17,8 @@
 # for signature requests from the ACME client.  An error is raised if
 # the path exists or if its parent directory is writable by other
 # users.
-# Default: "$XDG_RUNTIME_DIR/S.lacme" if the XDG_RUNTIME_DIR
-# environment variable is set.
 #
-#socket = /run/user/1000/S.lacme
+#socket = %t/S.lacme
 
 # Be quiet.  Possible values: "Yes"/"No".
 #
diff --git a/config/lacme.conf b/config/lacme.conf
index 98ecacb..198729d 100644
--- a/config/lacme.conf
+++ b/config/lacme.conf
@@ -10,13 +10,11 @@
 # UNIX-domain socket to connect to for signature requests from the ACME
 # client.  lacme(8) aborts if the socket is readable or writable by
 # other users, or if its parent directory is writable by other users.
-# Default: "$XDG_RUNTIME_DIR/S.lacme" if the XDG_RUNTIME_DIR environment
-# variable is set.
 # This setting is ignored when lacme-accountd(1) is spawned by lacme(8),
 # since the two processes communicate through a socket pair.  See the
 # "accountd" section below for details.
 #
-#socket =
+#socket = %t/S.lacme
 
 # username to drop privileges to (setting both effective and real uid).
 # Skip privilege drop if the value is empty (not recommended).
-- 
cgit v1.2.3